Hello. In this document, we will walk through the steps of building and hosting your own Monero node from source on a Debian-based Linux system. These systems include Raspbian, Debian (9 and above), and Ubuntu (18.04 and above). This tutorial assumes that you are capable of accessing the ROOT terminal of your Debian-based system, and are capable of getting your system online if necessary. You may plan on using an external storage device to store the blockchain, this tutorial will include the optional steps to support external storage. Alternatively, this setup procedure can also accomodate users looking to host a pruned blockchain with restricted storage space.
Here are some useful links for reaching this prerequisite if you do not currently have access to a Debian-based system that meets the recommended system requirements.
-
OS: Debian-based Linux
-
RAM: 3 GB minimum (for building Monero source code)
-
CPU: 1 core
-
Storage: > 50 GB free space (internal or external)
Now that you have access to the terminal of your Debian-based system, you can begin. Lets start by confirming that you are currently the root user.
THIS TUTORIAL ASSUMES THAT YOU WILL REMAIN THE ROOT USER FOR THE ENTIRETY OF THE SETUP PROCESS
$ whoami
If the result of this command is root, you may proceed with the tutorial.
If you are not the root user, it is highly recommended you log in as root using either su or sudo su before proceeding with the tutorial.
Additionally, you should confirm the connectivity of your device by checking your external IP address.
$ curl ifconfig.me
Lets install the necessary packages that we will need to acquire Monero's source.
$ apt-get update
$ apt-get install -y nano git
Next, lets download the Monero source code and enter the root directory of the source code...
$ cd /root
$ git clone 'https://github.com/monero-project/monero.git'
$ cd monero
...and initialize the source code to the latest release.
$ git checkout $(git describe --tags $(git rev-list --tags --max-count=1))
$ git submodule init
$ git submodule update
Now, we will install the required packages to build the Monero source code. As of v0.17.1.8, Monero requires the following packages...
[NOTICE] These dependencies may change with future updates. You can confirm that you have all package dependencies by viewing the Compiling Monero from source -> Dependencies section the Monero Project's README file.
$ apt-get install -y build-essential cmake pkg-config libboost-all-dev libssl-dev libzmq3-dev libunbound-dev libsodium-dev libunwind8-dev liblzma-dev libreadline6-dev libldns-dev libexpat1-dev doxygen graphviz libpgm-dev qttools5-dev-tools libhidapi-dev libusb-1.0-0-dev libprotobuf-dev protobuf-compiler libudev-dev
Next we will install the systemd service and the correlating configuration file for the process.
$ cp utils/conf/monerod.conf /etc
$ cp utils/systemd/monerod.service /etc/systemd/system
$ systemctl daemon-reload
$ systemctl enable monerod
These configuration files specify that your Monero node will log to /var/log/monero/monero.log and the blockchain will be stored in /var/lib/monero.
Now it is time to build the Monero source code. The following command will build Monero binaries and install them on your system by way of /usr/bin. It will take a while to run.
[NOTICE] This command will fail if you have less than 3GB of RAM.
$ cp "$(make release | tail -1 | grep -oP '(?<='"'"').*(?<!'"'"')')/bin/"* /usr/bin
Verify a successful installation by checking the version of your binaries.
$ monerod --version
Lastly, we must create a Monero user on the system.
$ adduser --disabled-password --system --group --home /var/lib/monero monero
If you would like to elevate your node's configuration to be a "full public node", add additional parameters to monerod.conf by running the following commands.
$ echo "confirm-external-bind=1" >> /etc/monerod.conf
$ echo "public-node=1" >> /etc/monerod.conf
$ echo "restricted-rpc=1" >> /etc/monerod.conf
If your system owns its public IP, you may bind monerod directly to the interface with the following three commands.
$ myIP="$(curl ifconfig.me)"
$ echo "rpc-restricted-bind-ip=${myIP}" >> /etc/monerod.conf
$ echo "rpc-bind-ip=${myIP}" >> /etc/monerod.conf
If you would like to host a pruned blockchain, run this command to add such specification to your configuration file.
$ echo "prune-blockchain=1" >> /etc/monerod.conf
If you have an external storage volume that you would like to use for your blockchain data, attach it to your Linux system now.
List the available storage volumes on your system with the following command. From the output, identify the volume that you are going to use.
$ fdisk -l
You will see output that looks roughly like this:
Disk /dev/sda: 49.5 GiB, 53154414592 bytes, 103817216 sectors
Disk model: QEMU HARDDISK
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/sdb: 516 MiB, 541065216 bytes, 1056768 sectors
Disk model: QEMU HARDDISK
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/sdc: 256 GiB, 274877906944 bytes, 536870912 sectors
Disk model: Volume
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
In this case, I am picking /dev/sdc, since this is the storage volume with enough space to store the blockchain (256 GB). I will run this command to specify /dev/sdc as my current device.
$ curDev=/dev/sdc
Now that you have identified the storage device on your system, you may now format it.
[WARNING] The following command is dangerous and will erase all data on the specified storage volume.
$ mkfs.ext4 -F $curDev
Now, configure your fstab file to mount this device automatically
$ echo "$curDev /var/lib/monero ext4 defaults 0 2" >> /etc/fstab
We will be using nftables to secure the network traffic on this system. nftables a new kernel-based packet filtering framework that replaces iptables. Amongst it's many superlatives to common firewalls, nftables has a very human friendly configuration syntax.
$ apt-get purge iptables
$ apt-get autoremove
$ apt-get install -y nftables
$ systemctl enable nftables
Now, using your favorite text editor (nano recommended)...
$ nano /etc/nftables.conf
...modify the contents of the file to reflect this template:
#!/usr/sbin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority 0;
# allow Monero RPC and P2P ports inbound
tcp dport { 18080, 18081 } accept
# allow SSH connections
tcp dport { 22 } accept
# accept any traffic bound for the loopback interface
meta iifname lo accept
# allow established or related network traffic inbound
ct state { established, related } accept
# drop remaining traffic
drop
}
chain forward {
type filter hook forward priority 0;
}
chain output {
type filter hook output priority 0;
# allow all outbound traffic
accept
}
}
After saving your changes, confirm that your syntax is correct with this command:
$ nft -cf /etc/nftables.conf
If errors are found, they should be corrected before proceeding.
$ reboot
When your system comes back online, it will automatically launch the monerod node and begin synchronizing the blockchain.
You can monitor the progress of the blockchain sync by checking the logs.
$ cat /var/log/monero/monero.log
It's a well known fact that the Monero community executes biannual network upgrades that require participants (including node operators) upgrade their software. Since you have built and installed Monero from its source code, you can deploy these updates as soon as they are tagged in the GitHub repository.
After a new release has been tagged, updating your node is a fairly straightforward process. The following steps assume root access.
First, change to the root directory of the Monero source code.
$ cd /root/monero
Download GitHub commits and change to the latest release of the source code.
$ git fetch && git reset --hard $(git describe --tags $(git rev-list --tags --max-count=1))
Confirm that you have all package dependencies by viewing the Compiling Monero from source -> Dependencies section the Monero Project's README file.
Build the source code and change the current directory to the directory containing the built products.
$ cd "$(make release | tail -1 | grep -oP '(?<='"'"').*(?<!'"'"')')/bin/"
Congratulations, you have now built the latest release of the Monero source code. Three simple steps remain.
First, stop the monerod service so that the binaries can be installed.
$ systemctl stop monerod
Next, copy the new binaries to /usr/bin/.
$ cp ./* /usr/bin/
Lastly, start monerod once again.
$ systemctl start monerod